//package com.houger.ddd.config;
//
//import org.springframework.security.crypto.keygen.Base64StringKeyGenerator;
//import org.springframework.security.crypto.keygen.StringKeyGenerator;
//import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
//import org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver;
//import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver;
//import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
//import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
//import org.springframework.stereotype.Component;
//import org.springframework.web.server.ServerWebExchange;
//import reactor.core.publisher.Mono;
//
//import java.nio.charset.StandardCharsets;
//import java.security.MessageDigest;
//import java.security.NoSuchAlgorithmException;
//import java.util.Base64;
//import java.util.HashMap;
//import java.util.Map;
//
///**
// * @author Houger.
// * @date 2024年06月19日 18:13.
// */
//@Component
//public class  MyOAuth2AuthorizationRequestResolver implements ServerOAuth2AuthorizationRequestResolver {
//
//    private DefaultServerOAuth2AuthorizationRequestResolver defaultResolver;
//
//    private final StringKeyGenerator secureKeyGenerator =
//        new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
//
//    public MyOAuth2AuthorizationRequestResolver(ReactiveClientRegistrationRepository clientRegistrationRepository) {
//        defaultResolver = new DefaultServerOAuth2AuthorizationRequestResolver(clientRegistrationRepository);
//    }
//
//    @Override
//    public Mono<OAuth2AuthorizationRequest> resolve(ServerWebExchange exchange) {
//        return defaultResolver.resolve(exchange).map(req -> customizeAuthorizationRequest(req));
//    }
//
//    @Override
//    public Mono<OAuth2AuthorizationRequest> resolve(ServerWebExchange exchange, String clientRegistrationId) {
//        return defaultResolver.resolve(exchange, clientRegistrationId).map(req -> customizeAuthorizationRequest(req));
//    }
//
//    private OAuth2AuthorizationRequest customizeAuthorizationRequest(OAuth2AuthorizationRequest req) {
//        if (req == null) { return null; }
//
//        Map<String, Object> attributes = new HashMap<>(req.getAttributes());
//        Map<String, Object> additionalParameters = new HashMap<>(req.getAdditionalParameters());
//        addPkceParameters(attributes, additionalParameters);
//        return OAuth2AuthorizationRequest.from(req)
//            .attributes(attributes)
//            .additionalParameters(additionalParameters)
//            .build();
//    }
//
//    private void addPkceParameters(Map<String, Object> attributes, Map<String, Object> additionalParameters) {
//        String codeVerifier = this.secureKeyGenerator.generateKey();
//        attributes.put(PkceParameterNames.CODE_VERIFIER, codeVerifier);
//        try {
//            String codeChallenge = createHash(codeVerifier);
//            additionalParameters.put(PkceParameterNames.CODE_CHALLENGE, codeChallenge);
//            additionalParameters.put(PkceParameterNames.CODE_CHALLENGE_METHOD, "S256");
//        } catch (NoSuchAlgorithmException e) {
//            additionalParameters.put(PkceParameterNames.CODE_CHALLENGE, codeVerifier);
//        }
//    }
//
//    private static String createHash(String value) throws NoSuchAlgorithmException {
//        MessageDigest md = MessageDigest.getInstance("SHA-256");
//        byte[] digest = md.digest(value.getBytes(StandardCharsets.US_ASCII));
//        return Base64.getUrlEncoder().withoutPadding().encodeToString(digest);
//    }
//}
//
